iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > News > Security News > OU Servers Open To Hackers For A Year
Search:
[ news_security_news ]

OU Servers Open To Hackers For A Year



SecurityProNews
Staff Writer
2006-05-22

SecurityProNews: Insider Reports Insider Reports RSS Feed


Administrators at Ohio University were surprised to find out from the FBI that not only were three servers containing very sensitive personal information hacked, but that they'd been wide open for over a year. School officials called it a failure of polices and procedures.

At least one technician has been put on paid leave because of the intrusion, says Cnet, as OU scrambles to reorganize its computer services department. The year-long hacking of university servers is a low estimate, and could have been going on longer.

A notice on the university website informed visitors that the school was working with the FBI and "top forensic consultants" and other colleges and universities that had experienced similar breaches. The website lists these three incidents:

On Friday, April 21, the FBI advised the Technology Transfer Department at Ohio University's Innovation Center that a server containing office files had been compromised. Data on the server included e-mails, patent and intellectual property files, and 35 Social Security numbers associated with parking passes

On Wednesday, April 24, the IT Security Team discovered a server that supports alumni relations and development was being used in a denial of service attack on a computer system outside of the university. The system contained the Social Security numbers of 137,000 individuals

On Thursday, May 4, the IT Security Team discovered that a computer system affiliated with Hudson Health Center had been compromised. The compromised system contained personal information on approximately 60,000 current and former students as well as some faculty and staff at Ohio University. This includes all current Athens Campus students, as well as individuals registered as a student on the Athens Campus at any time since fall 2001.

In one of the incidents, a university spokesman said, employees thought they'd shut down a server that was supposed to be online. But it was not shut down and stayed connected to the Internet without any subsequent security updates.





About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.

More news_security_news Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - $line) { echo $line ; } ?> All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds